Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG). To enable HTTPS on your website, you need to get a certificate (a type of file) from a Certificate Authority (CA). Let’s Encrypt is a CA. In order to get a certificate for your website’s domain from Let’s Encrypt, you have to demonstrate control over the domain. With Let’s Encrypt, you do this using software that uses the ACME protocol, which typically runs on your web host. Here is how I installed and atomized its renewal
- Download and install the free Let’s Encrypt SSL certificate.
- Create a cron script by saving the following to an executable script.
#!/bin/bash #Script to auto renews the free SSL certificate cd /production/scripts/letsencrypt ; ./letsencrypt-auto renew 2>&1 | tee /tmp/letsencrypt.log STAT=$(echo $?) ERRORLOG=`cat /tmp/letsencrypt.log` if [ $STAT -ne 0 ] then echo -e "The Lets Encrypt Cert has not been renewed! \n \n" $ERRORLOG | mail -s "Lets Encrypt Cert Alert" <ADD_EMAIL_ID> else service apache2 restart echo -e "The Lets Encrypt Cert has now been renewed! \n \n" $ERRORLOG | mail -s "Lets Encrypt Cert Notice" <ADD_EMAIL_ID> fi exit 0